But imagine having a stranger use this very same tool to hold your gadgets for ransom, lock them and, worse, wipe them from afar.

This is exactly what several Mac users have been reporting these past few days - hackers are breaking into their iCloud accounts and are remotely locking their machines through Apple's "Find My" service.

How the "Find My (Device)" attack works

Apple's "Find My" tracking service helps you get your iPhone, iPad or Mac back in case it's misplaced or stolen. It also has an option to put your Apple gadget in "Lost Mode" and display a specific message (your contact information, for example) on it, and for security purposes, even an "Erase" option to wipe all its data.

This sounds like a life-saving feature, but unfortunately it can also be used against you.

Essentially, if someone manages to gain access to your Apple iCloud account, they can use these same tools to lock your own Apple gadgets and display a "ransom note" on the lock screen itself.

As reported by some Mac users, their computers are being locked by strangers with a passcode and a ransom message demanding 0.01 Bitcoin (worth about $40).

So how did these hackers break into iCloud accounts? Most likely through a password reuse attack: the passwords were taken from other data breaches, and the victims were probably using the same credentials for iCloud.

How about two-factor authentication (2FA)? Shouldn't that protect most users from password reuse attacks?

How does Apple's two-factor authentication work?

Apple introduced 2FA in 2015 to add another level of protection to Apple and iCloud accounts.

When accessing iCloud.com in a browser, this verification method requires users to enter a one-time code sent to their other Apple gadgets, together with the password, when logging into an iCloud account for the first time.

This means that if someone successfully cracks your iCloud password, they still can't log into your account without the code.

However, a user can simply bypass the verification code prompt by clicking directly on the "Find My iPhone" icon on the page, which shows all the gadgets registered under the account. These gadgets can then be locked remotely with a special message via "Lost Mode".

This allows hackers to remotely lock and even wipe an iPhone, iPad or a Mac by merely cracking a user's iCloud account password.
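The gap described above, modelled as an added Python example (this is not Apple's code; the user account, devices and the way the code is "sent" are constructed assumptions): a session that has passed the password check is not the same as a fully signed-in session, so every page that lists, locks or wipes devices has to check the second factor itself rather than trusting the login page to have done it.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, List, Optional


def hash_password(password: str, salt: bytes) -> bytes:
    """Salted PBKDF2 hash of the password (demo parameters)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


# Constructed demo account: hypothetical user, password and device names.
_SALT = b"demo-salt-not-random"
ACCOUNTS = {
    "alice@example.com": {
        "pw_hash": hash_password("reused-everywhere", _SALT),
        "devices": ["MacBook Pro", "iPhone"],
    }
}


@dataclass
class Session:
    user: str
    password_ok: bool = False       # step 1 passed
    second_factor_ok: bool = False  # step 2 passed
    pending_code: Optional[str] = None  # one-time code awaiting entry


class AccountServer:
    def __init__(self) -> None:
        self.sessions: Dict[str, Session] = {}
        self.sent_codes: List[str] = []  # stands in for the push to trusted devices

    def login(self, user: str, password: str) -> Optional[str]:
        """Step 1: password check. Returns a session id, or None on failure."""
        acct = ACCOUNTS.get(user)
        if acct is None or not hmac.compare_digest(acct["pw_hash"], hash_password(password, _SALT)):
            return None
        sid = secrets.token_hex(16)
        code = f"{secrets.randbelow(1_000_000):06d}"
        self.sessions[sid] = Session(user=user, password_ok=True, pending_code=code)
        self.sent_codes.append(code)  # "sent" to the user's other devices
        return sid

    def verify_code(self, sid: str, code: str) -> bool:
        """Step 2: the one-time code. Only now is the session fully signed in."""
        s = self.sessions.get(sid)
        if s is None or s.pending_code is None:
            return False
        if hmac.compare_digest(s.pending_code, code):
            s.second_factor_ok = True
            s.pending_code = None
            return True
        return False

    def find_my_devices_weak(self, sid: str) -> List[str]:
        """Models the gap in the text: treats 'password accepted' as 'signed in'."""
        s = self.sessions.get(sid)
        if s is None or not s.password_ok:
            raise PermissionError("not signed in")
        return list(ACCOUNTS[s.user]["devices"])

    def _require_full_auth(self, sid: str) -> Session:
        """Hardened gate: both factors must have been completed on this session."""
        s = self.sessions.get(sid)
        if s is None or not (s.password_ok and s.second_factor_ok):
            raise PermissionError("second factor not completed")
        return s

    def find_my_devices(self, sid: str) -> List[str]:
        s = self._require_full_auth(sid)
        return list(ACCOUNTS[s.user]["devices"])

    def lost_mode(self, sid: str, device: str, message: str) -> str:
        """Locking (or wiping) a device goes through the same gate as listing it."""
        s = self._require_full_auth(sid)
        if device not in ACCOUNTS[s.user]["devices"]:
            raise KeyError(device)
        return f"{device} locked for {s.user}: {message}"


def demo() -> dict:
    """Walks one session through both the weak and the hardened endpoints."""
    srv = AccountServer()
    sid = srv.login("alice@example.com", "reused-everywhere")
    out = {"weak_listed_before_code": srv.find_my_devices_weak(sid)}
    try:
        srv.find_my_devices(sid)
        out["hardened_listed_before_code"] = True
    except PermissionError:
        out["hardened_listed_before_code"] = False
    real = srv.sent_codes[-1]
    wrong = ("1" if real[0] != "1" else "2") + real[1:]  # guaranteed to differ
    out["wrong_code_accepted"] = srv.verify_code(sid, wrong)
    out["right_code_accepted"] = srv.verify_code(sid, real)
    out["hardened_listed_after_code"] = srv.find_my_devices(sid)
    out["lock"] = srv.lost_mode(sid, "MacBook Pro", "Please call the owner")
    return out


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The weak endpoint hands over the device list as soon as the password matches, which is the position an attacker with a reused password is in; the hardened one refuses until `verify_code` has succeeded on that same session, and the lock action shares the gate rather than re-implementing its own check.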

How to protect yourself

Fortunately, having a passcode already set up on your iPhone or iPad protects you from this attack. If someone remotely locks your iOS gadget via Lost Mode, just press the home button once, then enter your saved passcode as usual to unlock it.

Macs, however, are still vulnerable. Even if you have a local password in place, hackers who get into your iCloud.com account can still use the "Find My" service's Lost Mode to remotely lock your machine with a passcode of their choosing. You can always disable "Find My Mac" by going to System Preferences >> iCloud >> deselect Find My Mac, but you will lose the tracking benefits of this feature. Location tracking may not be as necessary for static desktops like iMacs, but it can be useful for portables like a MacBook.

Perhaps before disabling your "Find My" services, it's best to review your iCloud password first (and, for that matter, all your online passwords). It's your first line of defense, after all.

Additionally, weaknesses notwithstanding, enabling Apple's two-factor authentication on your iCloud account is still critical because it adds an extra layer of protection from hackers.

If you ever fall victim to the "Find My" ransom attack, please don't pay the ransom. Instead, take your device to your nearest Apple Store for help recovering it.

Better yet, always keep a backup of your data so you can restore your device in an emergency. Always create a Time Machine backup of your Mac, and for extra security use an online backup service such as our sponsor IDrive.